By Dave Rimmer (217.41.67.189 - 217.41.67.189) on Tuesday, July 02, 2002 - 06:32 pm:| By Dave Rimmer (217.41.67.189 - 217.41.67.189) on Tuesday, July 02, 2002 - 06:32 pm: |
Someone who uses this forum has a seriously infected PC with the Klez virus. I'm receiving mails from people who I have only had any contact with on the forum which are carrying the Klez 32 virus. The latest one was from the email account of 'Phillysoulman'. Now I'm not suggesting for one minute that Bobby Eli is sending them out (I've had them from Ralph Terrano as well :-)), but the only connection between these two addresses and myself is this forum. So can I ask that EVERYONE who has posted on the forum, and ANYONE who wishes to post gets an up to date virus checker and USES it !
Dave Rimmer
| By Carl Dixon London (62.31.32.130 - 62.31.32.130) on Tuesday, July 02, 2002 - 06:42 pm: |
Hi Dave - I met you at your book launch with Dennis. Love your book! Bee Cool are doing a great job on this type of stuff.
This virus thing is deep! There is another thread further down that has a history of what has been happening on here for a while, with a list of the danger attachments. Take a look if you get a minute.
Cheers
| By Vickie (64.12.105.33 - 64.12.105.33) on Tuesday, July 02, 2002 - 07:29 pm: |
Recently I got the virus from Dave Rimmer and I get it from Limestone Records a lot too..
Vickie
| By HW (12.110.192.128 - 12.110.192.128) on Tuesday, July 02, 2002 - 08:33 pm: |
David - FYI, this has been happening for weeks. See previous posts on the subject under 'Virus Alert'
| By Ed Wolfrum (165.247.228.133 - 165.247.228.133) on Wednesday, July 03, 2002 - 01:43 am: |
I just received bounced messages from two address that I never sent messages to that the mailboxes were full. They were sent to my server address and not my listed address which is what I use. That indicates that they are not originating here. I traced the server and they originated in the orient and UK!!! They are NOT comming from those listed as the sender.
Again, what this shows is that someone is using the posted numerical addresses to trace to each mail server and is using that name ID to place the virus in Java script in the message IDed with members of the forum!!!!
I must get 5 messages a day about KLEZ, all phoney, and from various addresses. But the verbose origin points either to the Orient or UK according to my server people. They are speaking to law enforcement people about the problem which in this country is FRAUD!!!
The problem is that the numeric address can be traced to the server address. He then uses that name to lure the opening of the e-mail and plant the virus.
This guy is real scum. And that makes sense as one forum member I spoke to reports much of the attached Java crap is PORN.
| By Vickie (64.12.106.32 - 64.12.106.32) on Wednesday, July 03, 2002 - 02:12 am: |
Like I stated in a previous thread about this, some subject lines have related to what I am doing with my book, so it seemed to me someone was indeed lerking and not something that was going into address books on it's own. I have had very tempting subject lines relating to Tammi and the book, so I just delete everything and email the address and ask if they sent something to me.
I am still clueless so I take Ritchie's advice shoot now ask Q's later 
Vickie
| By david, glasgow, scotland (213.122.158.75 - 213.122.158.75) on Wednesday, July 03, 2002 - 07:49 am: |
I would agree that this is of a different nature to that suggested by Dave Rimmer.
Someone is definitely aiming these things deliberately at SD.
My latest one is "update on bobby eli's hospitalisation".
It is still pertinent to take steps listed in other virus thread. It costs nothing and if you accidentally open one of these things it will give you a warning you can't miss.
I'm looking forward to finding out who's doing this. It must only be a matter of time.
| By Carl Dixon London (62.31.32.130 - 62.31.32.130) on Wednesday, July 03, 2002 - 07:54 am: |
I agree David - however I had a thought whilst posting something on the fav drummers thread - even though these attachments are deadly, I am happy taking the risk because the forum banter is quality. I have set up Outlook Express rules to delete those virus subject lines that we know about immediately on arrival and manually delete others that arrive. If anything, they are teaching us how to react to this type of thing and priming us to check our virus software more thoroughly.
| By david, glasgow, scotland (213.122.158.75 - 213.122.158.75) on Wednesday, July 03, 2002 - 07:58 am: |
As Lowell pointed out, these things are now part of internet life.
The good guys will always win over the bad however. Stay Tuned.
| By Vickie (205.188.196.56 - 205.188.196.56) on Monday, July 15, 2002 - 08:26 pm: |
I have been getting a mass amounts of emails today asking me to remove folks from the mailing list and address book. It's addressed to the forum and not my TammiProject email address, so I am assuming it's a mass email goint to all of us here..
anyone else getting this?
Vickie
| By Ritchie (62.254.0.6 - 62.254.0.6) on Monday, July 15, 2002 - 08:31 pm: |
Vickie
I haven't had that message, but the bogus emails seem to be on the increase. I suggest everyone should be even more vigilant.
R
| By Vickie (205.188.196.56 - 205.188.196.56) on Monday, July 15, 2002 - 08:38 pm: |
Hey Ritchie,
I didn't quite understand why it was addressed to SoulfulDetroit.com, and how did I get it....
I forwarded one to Ralph to look at, it came from a server service (I think) Informing this site of a virus..
Too crazy man, too crazy...
You can't get a virus from just an email can you? there has to be an attachment right? now I am weary of anything, I never open attachments.
Vickie
| By Soultwine (195.93.32.188 - 195.93.32.188) on Monday, July 15, 2002 - 08:57 pm: |
Vickie
yes..i've had tons of those today too!.
Phil
| By Ritchie (62.254.0.6 - 62.254.0.6) on Monday, July 15, 2002 - 09:22 pm: |
Vickie
Do you mean the subject line was "to Soulful Detroit" (or something similar)? I'm sure the actual email address would have to be yours or you wouldn't have received it. :o)
| By Greg C. (209.71.79.186 - 209.71.79.186) on Monday, July 15, 2002 - 09:24 pm: |
All of a sudden I'm getting the most idiotic e-mails from people I do not know. This person is trying really hard to pass this virus, I've gotten about eight B.S. e-mails in the past few days. The only thing I can advise is DO NOT OPEN E-MAIL ATTACHMENTS FROM FOLKS YOU DO NOT KNOW! With me it's a gut feeling.
| By Ritchie (62.254.0.6 - 62.254.0.6) on Monday, July 15, 2002 - 09:36 pm: |
Greg - check out the other two Virus threads on the borad. There's a list of (some of) the subject lines, though they're pretty easy to spot as soon as they arrive... such as one I received yesterday: "Let's Be Friends" from "Harry Weinger" - yeah, right.
Treat every message with caution, especially if it's someone from the Forum that you've had no direct contact with. Chances are - it's bogus. Shoot first - ask questions later.
Ritchie
| By Vickie (205.188.196.56 - 205.188.196.56) on Monday, July 15, 2002 - 09:43 pm: |
Ritchie,
the subject line was "remove from mailing list"
on one of them, and one said
"virus detected" (I think, or similar) My email address was not on it...it looked as if it was sent to everyone on SoulfulDetroit.com, that's the email I sent Ralph to look at...
I shot then and am asking questions now
Vickie
| By Vickie (205.188.196.56 - 205.188.196.56) on Monday, July 15, 2002 - 09:48 pm: |
Richie,
it was like the Yahoo format when a mass email goes to everyone in a Yahoo club or from a web site, the first one was from a server saying that The Soulful Detroit site has a virus...My Email address was not there, it was addressed to SoululfulDetroit.com, the a bunch followed saying remove me from your list in the subject line.
This one baffles me..
Blondie
| By Ritchie (62.254.0.6 - 62.254.0.6) on Monday, July 15, 2002 - 09:51 pm: |
Quite right - stay wary. I haven't received either of these messages, so if it is a bulk-mailing, it's not blanketing all the regulars here. The recipient/s should be listed in the "headers", (parts you can't normally read) so if Ralph still has it, he should be able to see who else got this message, and approximately where it originated. E.G. the "Microsoft" message I received was posted from somewhere in England.
| By Ritchie (62.254.0.6 - 62.254.0.6) on Monday, July 15, 2002 - 09:56 pm: |
Vickie
If you get another one like it - mail it to me as an attachment, or forward it to me. I'll check it out. BTW, if you're using Outlook, be sure to delete any forwarded message from the "sent" folder, otherwise it may be still lurking on your system.
| By Vickie (152.163.189.129 - 152.163.189.129) on Monday, July 15, 2002 - 10:20 pm: |
Thanks Ritchie,
I deleted it right away and deleted the sent copy to Ralph., it did not have an attachment though..it was just an email saying the forum was infected..then the ones that followed did not have attachments either..
Hopefully Ralph still has it - I don't.
Vickie
| By david, glasgow, scotland (62.6.103.123 - 62.6.103.123) on Tuesday, July 16, 2002 - 07:55 am: |
I access the forum every day at work.
I do not use my works e-mail address to communicate.
I never receive virus e-mails in the workplace.
I therefore believe that accessing the forum will not cause you to receive virus e-mail.
If you take the advice issued in earlier e-mails, and download appropriate free software, any mail opened accidentally which contains viruses will be highlighted by a "red message screen".
I therefore recommend that you at least do that and also utilise the hard disk screening tool contained therein.
Sorry about all of this, but it must only be a matter of time until we catch up with this creep.
| By mike s (195.93.50.158 - 195.93.50.158) on Tuesday, July 16, 2002 - 03:21 pm: |
I have had them too...I think they are connected with the soul patrol website...
| By HW (12.110.192.128 - 12.110.192.128) on Tuesday, July 16, 2002 - 03:54 pm: |
Ritchie - it wasn't from me (I have been spammed mercilessly in the last few days), but can we be friends anyway?
;)
| By Ritchie (62.254.0.6 - 62.254.0.6) on Tuesday, July 16, 2002 - 04:03 pm: |
Harry - ca va sans dire ;o)
| By Vickie (152.163.189.129 - 152.163.189.129) on Tuesday, July 16, 2002 - 05:30 pm: |
Silly Question for Ritchie,
Does this virus effect your computer screen names?
and spread that way too?
why is it that I get these messages only on one of my screen names and not the other ones..I visit soulful detroit , but only use my Tammi email address? same computer though.
hmmmmmm...
Vickie
| By Ritchie (62.254.0.6 - 62.254.0.6) on Tuesday, July 16, 2002 - 05:41 pm: |
Silly answer for Vickie...
I don't know. If I/we knew exactly how it worked, we'd have a much better chance of beating it. All I kow is that all the bogus messages I've received have been in some way Forum-related - the "senders" anyway. That's the only common denominator. The subject lines are apparently random, non-personal and generic. Beyond that, I'm simply into the realms of guesswork.
R - scratching his head
(Not an easy task when you type with both hands!)
| By Vickie (205.188.196.53 - 205.188.196.53) on Tuesday, July 16, 2002 - 11:51 pm: |
V - scratching her head too